<?php
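if (!defined('IN_MEDIA')) die("Hacking attempt");
#########################
#### FORM PROCESSING ####
#########################
// Password-reset request: looks the account up by e-mail address, mails it a
// freshly generated password and records that password in user_new_password.
// Prints an HTML fragment and stops the script.
// NOTE(review): the "no such e-mail" reply differs from the success reply, so an
// anonymous caller can learn which addresses are registered, and nothing visible
// here limits how often the form can be submitted — confirm throttling upstream.
elseif (!empty($_POST['email']) && !empty($_POST['forgot'])) {
	$warn 					= '';
	// NOTE(review): PHP has already URL-decoded $_POST, so this second decode looks
	// redundant (it also turns "+" into a space). Kept because the submitting
	// form/script is not visible here — confirm and drop if it single-encodes.
	$email 					= is_string($_POST['email']) ? trim(urldecode($_POST['email'])) : '';

	// The address ends up inside a quoted SQL literal and inside the mail headers.
	// The database wrapper's escaping/binding API is not visible in this file, so
	// the value is restricted to a syntactically valid address that contains no
	// quote, backslash, line break or NUL. A bound parameter would be the better
	// fix once the wrapper offers one.
	$email_ok 				= $email !== ''
		&& filter_var($email, FILTER_VALIDATE_EMAIL) !== false
		&& strpbrk($email, "'\"\\\r\n\0") === false;

	$q 						= $email_ok
		? $mysql->query("SELECT user_id, user_name FROM ".$tb_prefix."user WHERE user_email = '".$email."'")
		: false;
	if ($q && $mysql->num_rows($q)) {
		$r 					= $mysql->fetch_array($q);
		// The row is addressed by its integer key in the UPDATE below, so a stored
		// user name containing a quote can no longer alter that statement.
		$user_id 			= (int) $r['user_id'];
		$user_name 			= $r['user_name'];
		// NOTE(review): m_random_str() is defined elsewhere; confirm it draws from a
		// cryptographically secure source and only emits characters that are safe
		// inside a quoted SQL literal.
		$new_password 		= m_random_str(15);
		$web_email 			= m_get_config('web_email');
		$title 				= $webTitle." : Mat khau moi";
		$header 			= m_build_mail_header($email,$web_email);
		// The body is HTML, so the stored user name is encoded before it is embedded.
		$content 			= "Chao <b>".htmlspecialchars($user_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false)."</b>,<br>".
			"Mat khau moi cua ban : <b>".$new_password."</b> <br>".
			"Ban nho doi mat khau lai ngay sau khi dang nhap.<br>".
			"<a href='".$mainURL."'><b>".$webTitle."</b></a>";
		if ( mail($email,$title,$content,$header) ) {
			// NOTE(review): the password is written exactly as it was mailed; confirm
			// how the login path treats user_new_password (hashing, expiry, single use).
			$mysql->query("UPDATE ".$tb_prefix."user SET user_new_password = '".$new_password."' WHERE user_id = ".$user_id);
		}
		else $warn 		   .= "Host không hỗ trợ Mail";
	}
	// A malformed address gets the same reply as an unknown one.
	else $warn 			   .= "Không có email này";
	if ($warn) echo "<b>Lỗi : </b><br>".$warn;
	else echo "Mật khẩu mới sẽ được gởi đến email của bạn trong vài phút nữa.<br>Bạn nhớ đổi mật khẩu lại ngay sau khi đăng nhập";
	exit();
}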
###############
#### HIEN THI ####
###############

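// Renders one of three views: a member profile (numeric $id), the paginated
// member directory ($show == 'list'), or the forgot-password form.
// $id, $show, $pg, $act, $isLoggedIn, $mysql, $tb_prefix, $tpl_link and $mainURL
// are not assigned in this file; presumably the including script provides them.
if (is_numeric($id)) {
	// is_numeric() also accepts forms such as "1e3" or " 12", so the value is
	// reduced to a plain integer before it is placed into any SQL text.
	$profile_id = (int) $id;
	$q = $mysql->query("SELECT * FROM ".$tb_prefix."user WHERE user_id = '".$profile_id."'");
	if (!$mysql->num_rows($q)) {
		// The return URL is emitted as a JSON-encoded string literal so that quotes or
		// a "</script>" sequence inside it cannot break out of the script block.
		$back_url = isset($_SESSION['current_url']) ? (string) $_SESSION['current_url'] : '';
		$back_js  = json_encode($back_url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
		if ($back_js === false) $back_js = '""';
		die("<script language=javascript>alert('Không có Thành viên này !');</script><script language='JavaScript'>{ window.parent.location=".$back_js." }</script>");
	}
	// Fetch the profile row before $q is reused for the friendship lookup; every
	// $r[...] read below depends on it.
	$r = $mysql->fetch_array($q);

	// Friendship state between the viewer and the profile owner:
	// 0 = no row in the friend table, 2 = row with re_stt == 0, 1 = any other row.
	// An absent session id becomes 0 so the query stays well-formed for guests.
	$myId = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;
	if ($profile_id != $myId) {
		$q = $mysql->query("SELECT * FROM ".$tb_prefix."friend WHERE (u_id=$myId AND re_id=$profile_id) OR (u_id=$profile_id AND re_id=$myId)");
		if (!$mysql->num_rows($q)) {
			$isFriend = 0;
		} else {
			$rs = $mysql->fetch_array($q);
			$isFriend = ($rs['re_stt'] == 0) ? 2 : 1;
		}
	}

	// Profile fields, each with a placeholder when the stored value is empty.
	// NOTE(review): these values are handed to the template as stored; confirm the
	// template (or the code that saved them) HTML-encodes them.
	$user_fullname = $r['user_fullname'];
	if ($user_fullname == '') {
		$user_fullname = 'Vô Danh';
	}
	$user_ym = $r['user_ym'];
	if ($user_ym == '') {
		$user_ym = 'Chưa có';
	}
	$user_signature = $r['user_signature'];
	if ($user_signature == '') {
		$user_signature = 'I love MatXac';
	}
	$avatar = $r['user_avatar'];
	if ($avatar == '') {
		$avatar = 'http://matxac.com/MATXAC2.jpg';
	}

	// NOTE(review): $user_name and $email are not assigned anywhere in this branch;
	// presumably the including script sets them — verify against the caller.
	$level = $r['user_level'];
	if ($level == 3) {
		$user_name = "<font color=#CC0000 >".$user_name."</font>";
	}
	if ($level == 2) {
		$user_name = "<font color=#FF9900 >".$user_name."</font>";
	}
	if (strstr($email,'@yahoo.com')) {
		// explode() replaces split(), which no longer exists in PHP 7+. The Yahoo id is
		// URL-encoded for both links and the visible address is HTML-encoded.
		$e 			= explode('@yahoo.com',$email);
		$yahoo_id 	= rawurlencode($e[0]);
		$user_email = "<a href=ymsgr:sendIM?".$yahoo_id."><img src='http://opi.yahoo.com/online?u=".$yahoo_id."'></a> ".htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
	}
	switch ($r['user_level']) {
		case 1	:	$user_level 	= "Member"; break;
		case 2	:	$user_level 	= "Moderator"; break;
		case 3	:	$user_level 	= "Admin"; break;
	}

	// Up to 35 entries posted by this member, most viewed first.
	$sql 		= "SELECT * FROM ".$tb_prefix."data WHERE m_poster = ".$profile_id." ORDER BY m_viewed DESC LIMIT 35";
	$query 		= $mysql->query($sql);
	$song_HTML 	= '';
	if ($mysql->num_rows($query)) {
		while ($row = $mysql->fetch_array($query)) {
			switch ($row['m_type']) {
				case 1 : $media_type = 'music'; break;
				case 2 : $media_type = 'flash'; break;
				case 3 : $media_type = 'movie'; break;
			}
			$song_TYPE 			= "<img src='$tpl_link/img/media/type/$media_type.gif'>";
			// Reads the current row; $row_song is never defined in this file.
			$song_LYRIC 		= (!empty($row['m_lyric']))?"<img src='$tpl_link/img/media/ok.gif'>":'';
			$song_ID 			= $row['m_id'];
			$song_TITLE 		= $row['m_title'];
			$cat_ID 			= $row['m_cat'];
			$cat_NAME 			= m_get_data('CAT',$cat_ID);
			$cat_URL 			= url_link($cat_ID,$cat_NAME,'Cat');
			$singer_ID 			= $row['m_singer'];
			$singer_NAME 		= m_get_data('SINGER',$singer_ID);

			$song_VIEWED 		= $row['m_viewed'];
			$song_DOWNLOADED 	= $row['m_downloaded'];

			$song_URL 			= url_link($song_ID,$song_TITLE,'nhac-san');
			$singer_URL 		= url_link($singer_ID,$singer_NAME,'Singer');

			// Display copy of the title, HTML-encoded because it is placed inside a
			// single-quoted attribute and in element text. Entities already present
			// in the stored value are left alone (double_encode = false).
			$song_TITLE1 		= htmlspecialchars($song_TITLE, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
			// Only an integer may reach the inline onclick handler.
			$song_JS_ID 		= (int) $song_ID;

			// Average rating mapped to half-star steps 0..10. Computed afresh for every
			// row, with no division when there are no votes.
			$m_rate 			= $row['m_rating'];
			$m_rate_total 		= $row['m_rating_total'];
			if ($m_rate == '0') $current_star = 0;
			$rater_rating 		= ($m_rate > 0 && $m_rate_total > 0) ? $m_rate / $m_rate_total : 0;
			$star 				= (int) max(0, min(10, floor($rater_rating * 2)));

			// NOTE(review): $user_URL and $user_NAME are not set in this branch, and
			// $cat_NAME / $cat_URL come from helpers defined elsewhere — confirm those
			// values are HTML-safe before they reach this markup.
			$song_HTML .= "<li><p class='right'><span class='rate s_".$star."'><span><span><span><span><span></span></span></span></span></span></span><span class='add_pl'><a href='#' onclick='addToPlaylist($song_JS_ID);return false;' title='Add to Playlist'></a></span></p><p class='title'><a href='$song_URL' title='$song_TITLE1'>$song_TITLE1</a></p><p class='user'>Đăng bởi: <a href='$user_URL'>$user_NAME</a> | <a href='$cat_URL'>$cat_NAME</a> | Lượt nghe: $song_VIEWED</p></li>";
		}
	}
	else {
		$song_HTML = "<li>	<p class='title'>Không có bài hát này</p></li>";
	}

	// NOTE(review): the template directory is taken from $_SESSION['current_tpl'] and
	// becomes part of an include path (here and in the two branches below); confirm
	// it can only ever hold a name chosen from a fixed list of installed templates.
	include("templates/".$_SESSION['current_tpl']."/user_info.html");
}
elseif ($show == 'list') {
	################
	## PAGINATION ##
	################
	// Total number of members; the whole table is selected only to count its rows.
	$num 			= $mysql->query("SELECT * FROM ".$tb_prefix."user");
	$total 			= $mysql->num_rows($num);
	// $pg and the page size feed the LIMIT clause, so both are forced to integers
	// and the page number to at least 1.
	$pg 			= (int) $pg;
	if ($pg < 1) $pg = 1;
	$u_per_page 	= (int) m_get_config("media_per_page");
	$q 				= $mysql->query("SELECT * FROM ".$tb_prefix."user ORDER BY user_name ASC LIMIT ".(($pg-1)*$u_per_page).",".$u_per_page);
	if ($mysql->num_rows($q)) {
		// The pager does not depend on the row, so it is built once.
		$link 		= (m_get_config('url_type') == 0)?$mainURL."/index.php?go=user&show=list&pg=":$mainURL."/List/User/Page/";
		$view_pages = m_viewpages($total,$u_per_page,$pg,$link);
		$user_HTML 	= '';
		while ($r = $mysql->fetch_array($q)) {
			$user_ID 	= $r['user_id'];
			// url_link() receives the stored name; the copies that are printed are
			// HTML-encoded (existing entities are not encoded a second time).
			$user_URL 	= url_link($user_ID,$r['user_name'],'User');
			$user_NAME 	= htmlspecialchars($r['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
			// NOTE(review): this prints every member's e-mail address to whoever can
			// open the list — confirm that is intended.
			$user_EMAIL = htmlspecialchars($r['user_email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
			$level 		= $r['user_level'];
			if ($level == 3) {
				$user_NAME = "<font color=#CC0000 >".$user_NAME."</font>";
			}
			if ($level == 2) {
				$user_NAME = "<font color=#FF9900 >".$user_NAME."</font>";
			}

			$user_HTML .= "<li><p class='right'><span class='add_pl'>$user_EMAIL</span></p><p class='title'><a href='$user_URL'>$user_NAME</a></p></li>";
		}

		include("templates/".$_SESSION['current_tpl']."/list_user.html");
	}
	// Closing tag completed; it previously lacked its final ">".
	else echo "<center><b>Không có dữ liệu trong mục này.</b></center>";
}
elseif ($act == 'forgotpassword' && !$isLoggedIn) {
	// The reset form is shown to visitors who are not logged in.
	include("templates/".$_SESSION['current_tpl']."/forgot_password.html");
}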
?>